1868 Views, 5 Helpful, 4 Replies

ASA 5555 with LDAP over TLS 1.2 not working

jewfcb001
Level 4

Hi everyone,

I am trying to configure AAA on an ASA 5555 running version 9.6(3). LDAP over TLS 1.2 is not working, but over SSL it is working.

I would like to make sure whether the ASA does not support LDAP over TLS 1.2.

Please advise me.

Thank you.

4 Replies

OSN TEAM
Level 1

Maybe you are hitting the bug below:

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCus71190/?reffering_site=dumpcr

I didn't see 9.6.3 listed as an affected or a fixed version. You can either contact Cisco TAC for clarification or downgrade/upgrade to one of the fixed versions and see if that works.

 

-

HTH

AJ

Hi OSN Team,

Thank you for your answer.

I mean, if I do not enable SSL (port 636), it's not working.

I see the message below:

"You must configure LDAP over SSL to enable password management with Microsoft Active Directory and Sun servers."

Please advise me.

 

 


Da_Dang
Level 1

I have an ASA5515 with 9.6(3)1.

LDAP over TLS is working with Windows Domain Controller 2012R2. Since the OS was updated to 2016, LDAP over TLS does not work anymore.

Both servers use TLS 1.2.

I have another ASA 5506x, running 9.6.(1) and configured with LDAPS against the same servers:

2012R2 authentication works

2016 authentication works

Both ASAs are using the same SSL settings.

 

regards

Mat

Hi Da_Dang,

Thank you for your answer. If I do not enable LDAP over SSL, it's not working.

Please advise me.

 

